General

  • Target

    3c0fa6e38a695f6e2ada2a61953e2cdac12bf9b3de0d8f69a00698e0a8712be3

  • Size

    3.4MB

  • Sample

    230314-zz71aahh39

  • MD5

    64dea14d6939fe9773c4fe7e9bb18bb0

  • SHA1

    61375e2f5e4b63030b74c6371d1925ac8a1b103d

  • SHA256

    3c0fa6e38a695f6e2ada2a61953e2cdac12bf9b3de0d8f69a00698e0a8712be3

  • SHA512

    094fef8016787cac91e58286b8adc4e95469563f391a6774d821caf7ef3a43d3ce3ad8ae028c435c18b289337667abf57ed7eb1f31be64fa89db085e0b138126

  • SSDEEP

    98304:+na5Gkonx+t5bHJmSwD2jCgQIr/84IVuTPYFw:4a5InxsjmTK+gQIjCw3

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Modifies file permissions

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks whether UAC is enabled

    • Suspicious use of SetThreadContext
